SSL Certificate Analysis for kid.kiddle.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=spaca.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 14, 2026

Valid Until

May 15, 2026 79 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FA:AB:82:EE:BC:95:ED:E6:13:76:46:CD:F2:53:10:CE:BE:B8:69:BD:A3:DE:1F:DF:48:5F:4A:BA:3C:18:1A:61

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

kiddle.com *.kiddle.com *.accounts.kiddle.com *.blog.kiddle.com *.cisco.kiddle.com *.es.kiddle.com *.hmhco.kiddle.com *.kid.kiddle.com *.kids.kiddle.com *.m.kiddle.com *.richard.kiddle.com *.search.kiddle.com *.w.kiddle.com *.ww.kiddle.com *.ww1.kiddle.com *.ww11.kiddle.com *.ww25.kiddle.com *.ww38.kiddle.com *.www.kiddle.com

Other domains in certificate

agenciasviajes.com *.agenciasviajes.com *.calvillo.agenciasviajes.com *.contacto.agenciasviajes.com

akoury.com *.akoury.com

alexsorgente.com *.alexsorgente.com

apimentado.com *.apimentado.com

cocopa.com *.cocopa.com

disposableclothing.com *.disposableclothing.com

donnola.com *.donnola.com

*.bolsadeempleo.escolapios.com escolapios.com *.escolapios.com *.red.escolapios.com *.revistaperalta.escolapios.com

giordanengo.com *.giordanengo.com

gluteoplastia.com *.gluteoplastia.com

hanier.com *.hanier.com

iliya.com *.iliya.com

jdhs.com *.jdhs.com

lendingworks.com *.lendingworks.com

masajmerkezi.com *.masajmerkezi.com

mcewing.com *.mcewing.com

mediasi.com *.mediasi.com

mizalla.com *.mizalla.com

newjailbreak.com *.newjailbreak.com

orgueil.com *.orgueil.com

randw.com *.randw.com

*.blog102.rigot.com rigot.com *.rigot.com

rozalla.com *.rozalla.com

sciarra.com *.sciarra.com

sogoa.com *.sogoa.com

*.my.spaca.com spaca.com *.spaca.com

spocle.com *.spocle.com

thesnackshack.com *.thesnackshack.com

toddhall.com *.toddhall.com

travelhunters.com *.travelhunters.com

virgincapital.com *.virgincapital.com

yaritagua.com *.yaritagua.com